// Component entry point: load the helpers, pick the controller, dispatch the task.
require_once JPATH_COMPONENT . DS . 'helper' . DS . 'helper.php';
require_once JPATH_COMPONENT . DS . 'helper' . DS . 'settings.php';

// Optional controller override taken from the request.
// JRequest::getWord() applies Joomla's WORD filter (letters and underscore
// only), so the value cannot carry dots or directory separators into the
// include path built below. Keep that filter if this code is ever touched:
// it is the only thing standing between the request and require_once.
$controller = JRequest::getWord('controller');
if ($controller) {
    $path = JPATH_COMPONENT . DS . 'controllers' . DS . $controller . '.php';
    if (!file_exists($path)) {
        // Unknown controller name: fall back to the base controller class.
        $controller = '';
    } else {
        require_once $path;
    }
}

// The class name is derived from the same filtered value, and it is only
// non-empty when a matching file exists under controllers/.
// NOTE(review): the base 'FstController' class is not loaded in this
// fragment; presumably one of the helper includes defines it — confirm.
$classname = 'FstController' . $controller;
$controller = new $classname();

// Attach the component stylesheet and jQuery to the page.
$css = FSTRoute::x("index.php?option=com_fst&view=css&layout=default");
$document = JFactory::getDocument();
$document->addStyleSheet($css);
FST_Helper::IncludeJQuery();

// Dispatch the requested task.
$task = JRequest::getVar('task');

// The captcha image is served directly and bypasses the controller: discard
// anything already buffered so only the image bytes go out, then stop.
if ($task == "captcha_image") {
    ob_clean();
    require_once JPATH_SITE . DS . 'components' . DS . 'com_fst' . DS . 'helper' . DS . 'captcha.php';
    $cap = new FST_Captcha();
    $cap->GetImage();
    exit;
}

$controller->execute($task);

// Redirect if set by the controller
$controller->redirect();
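/**
 * Handle a submitted comment: validate it, store it, and reply with JSON.
 *
 * Reads the comment fields from the request, validates them (including the
 * captcha and any custom fields) and, when everything passes, inserts a row
 * into $this->table, sends the notification e-mail and renders the result
 * templates. On both the success and the failure path the rendered HTML
 * fragments are echoed as a single JSON object and the script exits.
 *
 * NOTE(review): no form-token (CSRF) check is visible in this method;
 * confirm the caller verifies the session token before DoPost() runs.
 *
 * NOTE(review): the included templates are not visible here. They receive
 * the submitted values unmodified through $this->comment / $this->post, so
 * HTML escaping has to happen inside them — confirm.
 *
 * @return bool Kept for callers, but every path ends in exit before it.
 */
function DoPost()
{
    // Text fields go through Joomla's 'string' input filter; the two
    // identifiers use the 'int' filter type.
    $this->post['name'] = JRequest::getVar('name', '', '', 'string');
    $this->post['email'] = JRequest::getVar('email', '', '', 'string');
    $this->post['website'] = JRequest::getVar('website', '', '', 'string');
    $this->post['body'] = JRequest::getVar('body', '', '', 'string');
    $this->post['itemid'] = JRequest::getVar('itemid', 0, '', 'int');
    $this->post['ident'] = JRequest::getVar('ident', 0, '', 'int');

    // With moderation switched on, new comments are stored unpublished.
    $published = 1;
    if ($this->moderate) {
        $published = 0;
    }

    $captcha = new FST_Captcha();

    // Run every check so the form can show all errors at once.
    $this->valid = 1;

    if ($this->post['name'] == "") {
        $this->errors['name'] = JText::_("YOU_MUST_ENTER_A_NAME");
        $this->valid = 0;
    }

    // The e-mail address is optional; it is only checked when one was given.
    if ($this->use_email && $this->post['email'] != "" && !JMailHelper::isEmailAddress($this->post['email'])) {
        $this->errors['email'] = JText::_("INVALID_EMAIL_ADDRESS_ENTERED");
        $this->valid = 0;
    }

    // NOTE(review): the trailing "&& 0" makes this branch unreachable, so the
    // website value is stored without any validation. Left as found because
    // the check looks deliberately disabled; confirm that whatever renders
    // the value escapes it and restricts the URL scheme before linking it.
    if ($this->use_website && $this->post['website'] != "" && 0) {
        $this->errors['website'] = JText::_("INVALID_WEBSITE_ADDRESS_ENTERED");
        $this->valid = 0;
    }

    if ($this->post['body'] == "") {
        $this->errors['body'] = JText::_("YOU_MUST_ENTER_A_COMMENT_TO_POST");
        $this->valid = 0;
    }

    if ($this->handler->item_select_must_have) {
        if ($this->post['itemid'] == 0) {
            $this->errors['itemid'] = JText::_("YOU_MUST_SELECT_A") . $this->handler->email_article_type;
            $this->valid = 0;
        }
    }

    if (!$captcha->ValidateCaptcha()) {
        $this->errors['captcha'] = JText::_("INVALID_SECURITY_CODE");
        $this->valid = 0;
    }

    // Custom-field validation adds its own messages to $this->errors.
    if (!FSTCF::ValidateFields($this->customfields, $this->errors)) {
        $this->valid = 0;
    }

    // Build the response explicitly instead of relying on auto-created arrays.
    $output = array('valid' => $this->valid);

    if ($this->valid == 1) {
        $db = JFactory::getDBO();
        $user = JFactory::getUser();
        $userid = $user->id;

        // NOTE(review): custom-field values are persisted with serialize().
        // Whatever reads this column back presumably unserialize()s it, so
        // the column must never be writable by any other path — confirm, or
        // store JSON instead.
        $custom = FSTCF::Comm_StoreFields($this->customfields);
        $custom = serialize($custom);

        $now = FST_Helper::CurDate();

        // The statement is assembled by concatenation, so every value is made
        // safe at the point it enters the string: numeric values are cast to
        // int here rather than trusting the request filter alone, and every
        // quoted value goes through the driver's escaping helper.
        // NOTE(review): $this->table and $now are inserted as-is; both appear
        // to be set by the component itself, not by the request — confirm.
        $qry = "INSERT INTO " . $this->table . " (ident, itemid, name, email, website, body, published, created, userid, custom) VALUES (";
        $qry .= (int) $this->post['ident'];
        $qry .= " , " . (int) $this->post['itemid'];
        $qry .= " , '" . FSTJ3Helper::getEscaped($db, $this->post['name']);
        $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['email']);
        $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['website']);
        $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['body']);
        $qry .= "' , " . (int) $published . ", '{$now}', '" . FSTJ3Helper::getEscaped($db, $userid) . "', '" . FSTJ3Helper::getEscaped($db, $custom) . "' )";

        $db->SetQuery($qry);
        $db->Query();

        // Expose the stored comment to the templates and the mailer.
        $this->comment = $this->post;
        $this->comment['id'] = $db->insertid();
        $this->comment['ident'] = $this->post['ident'];

        // Copy the custom-field values onto the comment, then blank them in
        // the request so a re-rendered form starts empty.
        foreach ($this->customfields as $id => $field) {
            $this->comment["custom_{$id}"] = JRequest::getVar("custom_{$id}", "");
            JRequest::setVar("custom_{$id}", '');
        }

        FST_EMail::Send_Comment($this);

        // Render the confirmation into the output buffer. Anything buffered
        // before this point is discarded first.
        ob_clean();
        if ($this->moderate) {
            $this->comment['published'] = 0;
            include $this->tmplpath . DS . 'moderate.php';
        } else {
            if ($this->opt_show_posted_message_only) {
                $this->comment['published'] = 0;
                include $this->tmplpath . DS . 'thanks.php';
            } else {
                $this->comment['published'] = 1;
                include $this->tmplpath . DS . 'thanks.php';
                include $this->tmplpath . DS . 'comment.php';
            }
        }
        $output['comment'] = ob_get_contents();

        // Tell the client where to place the rendered comment.
        if ($this->opt_display) {
            if ($this->opt_order == 0) {
                $output['display'] = 'before';
            } else {
                $output['display'] = 'after';
            }
        } else {
            $output['display'] = 'none';
        }
        if ($this->opt_show_posted_message_only) {
            $output['display'] = "replace";
        }

        // Reset the form state for the next comment.
        $this->post['name'] = $this->GetName();
        $this->post['email'] = '';
        $this->post['website'] = '';
        $this->post['body'] = '';
        $this->post['created'] = 'now';

        if ($this->opt_show_form_after_post) {
            // Re-render an empty form with a fresh captcha.
            ob_clean();
            $this->captcha = $captcha->GetCaptcha();
            include $this->tmplpath . DS . 'addcomment.php';
            $output['form'] = ob_get_contents();
            $output['form_display'] = "replace";
        } else {
            $output['form'] = '';
            $output['form_display'] = "";
            if ($this->opt_form_clear_comment) {
                $output['form_display'] = "clear_comment";
            }
        }

        // Drop the buffered HTML so the response body is the JSON alone.
        ob_clean();
        echo json_encode($output);
        exit;
    } else {
        // Validation failed: nothing is stored. Send back a rendering of the
        // submitted comment and the form (with a fresh captcha); the error
        // messages collected above are available to the templates.
        $output['display'] = 'none';
        $output['form_display'] = "replace";

        ob_clean();
        $this->comment = $this->post;
        include $this->tmplpath . DS . 'comment.php';
        $output['comment'] = ob_get_contents();

        ob_clean();
        $this->captcha = $captcha->GetCaptcha();
        include $this->tmplpath . DS . 'addcomment.php';
        $output['form'] = ob_get_contents();

        ob_clean();
        echo json_encode($output);
        exit;
    }

    // Unreachable: both branches above exit.
    return true;
}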